How bank antifraud works
llegal withdrawal of money funds. The classic scheme works as follows: as a result of skimming / phishing or any other illegal actions, the bank card holder unknowingly transfers his card details to the attackers, sufficient to make a purchase in the online store. An attacker completes a purchase and purchases a product / service. The cardholder, having learned about the unauthorized debiting, reports the loss of money to the bank that issued the card. In turn, the bank initiates Chargeback, that is, the return of the debited funds, and the merchant must return these funds.
What is antifraud and how does it work
Antifraud is a system for monitoring and preventing fraudulent transactions that checks each payment in real time, running them through dozens, and sometimes hundreds of filters. Anti-fraud mechanisms work in such a way as to see if there is anything "unusual" in the payment. The task of the system is to check each transaction, find "suspicious" moments in it and make a decision - to reject the payment or to pass it. The anti-fraud system consists of several components: it is automatic transaction monitoring, which includes many customizable filters, mechanisms for cardholder authentication and card validation, as well as “manual” transaction monitoring for extreme cases.
Such a system is an extremely expensive development that can only be afforded by banks, shops and services - market giants and specialized services (payment aggregators and processing centers that specialize in accepting payments). That is why most online services and online stores prefer to use the services of third-party contractors to receive payments.
What filters are there
Here we will give examples of PayOnline processing center filters - depending on the system developer, they may be different.
- Filter validators. An example is a validator of bank card details. Already in the process of entering on the payment form, the card number is checked by the system according to the Luna algorithm - so the system can understand that the buyer has not sealed it, and the card number entered on the payment form is correct.
- Geographic filters. For example, by country of IP addresses. Statistics show that some African countries have a high level of skimming and card compromise, and as a result, payments made from these countries are highly likely to be fraudulent.
- Stop-list filters. Example: stoplist of bank cards. If the system receives the data of a card on which payments have already been made marked "Fraud", or the cardholder has notified the issuing bank about the compromise of its data, such a card is included in the stop list - the system knows that transactions cannot be skipped on it, since they will turn out to be fraudulent.
- Filters matching (coincidence) parameters. Example: matching the country of the payer's IP address and the country of the bank card issuer. If the payment is made from a country other than the country where the card was issued, and the cardholder did not warn the bank in advance about his travels, there is a possibility that the card details were stolen and used by hackers.
- Authorization limit filters. For example, the limit on the amount of one transaction, the number of authorization attempts from one IP address or from one bank card. To protect both the payer and other participants in the online payment process, there are restrictions on the number and amount of payments made during the day or other period. For some types of business, a particularly large payment, if it turns out to be fraudulent, when returned, can significantly impact profits.
In total, the system can include hundreds of different filters, and the more a business area is susceptible to fraudulent actions, the more filters are turned on and the more subtle each of them is configured for a specific online store or online service.
What happens if you disable anti-fraud completely
The store will start to pass fraudulent payments - significantly more than if the anti-fraud filters were working and checking every transaction. Provided that 3-D Secure is used, where the buyer is obliged to confirm the payment using a one-time password received via SMS, the online store can minimize losses. However, in the event of massive fraudulent transactions, the store may still be disconnected from the payment system. It is enough for the number of fraudulent transactions to reach 1-2% of the number of all payments on the site for a certain period - after that, the acquiring bank can already block payments.
In a situation where 3-D Secure is not used, the situation may turn out to be more than deplorable: the conversion into successful payments can tend to 100%, but the losses from such a rash step will be catastrophic for the store. However, in the realities of the modern market, it is difficult to imagine the situation with the disconnection of all protection mechanisms - on such conditions processing, and acquiring banks, and payment systems will refuse to work with the store even at the stage of connection.
What happens if you turn on all filters
Here the situation is the opposite - when all filters are enabled, the percentage of accepted payments can drop significantly. For some businesses, such protection can simply kill: for example, if we are talking about the sale of air tickets, a restriction by country can negatively affect sales, because a buyer with a bank card can be in Spain and pay for a ticket on website. Accordingly, when all filters are turned on, we provide a 100% level of security, but significantly reduce the conversion into successful payments - the mismatch of the country of the issuing bank, the seller's website and the country from which the purchase is made is a reason not to miss the payment.
Antifraud and conversion
As you can see, the system for monitoring fraudulent transactions requires fine tuning in order to maintain a high level of security, while not losing most of the profit.
In our company, we have identified several main ways to solve this problem:
- Individual customization of the system for the client - experts analyze the business of the online store, its average check, the geography of the client base, and, in accordance with the findings, set up the necessary filters.
- Providing the user with a mechanism for "manual approval" of transactions. Here, the online store can see itself which transactions were suspicious to the system and skip them manually. To confirm the identity of the cardholder, the buyer may even be required to have a copy of the passport and bank card with a masked number (first six and last four digits) and the back side with the owner's signature. On the basis of these documents, the online store can themselves decide on the payment.
- Providing the partner with the ability to control part of the AntiFraud system elements. This decision is made on an individual basis and depends on a number of factors.
In what case can you turn off a number of filters in order to maintain a high level of payment conversion? It is better to make a choice in favor of conversion if:
- The online store has a high margin and a well-organized work with customers in terms of collecting and verifying user data, verifying, confirming and tracking orders;
- Low-risk goods / services, which, by virtue of their specificity, imply a low level of fraud (housing and communal services, city telephony, home Internet, government services).
Consider an example: there are two online stores. One sells branded clothing with a 100% markup, the other sells airline tickets with a 3% markup. In both cases, 100 payments were made, one of which turned out to be fraudulent. Suppose the average check in both stores is $ 10,000. This means that the clothing store will receive a profit of $ 10,000 from the next sale (due to the high margin), which will cover the losses from fraud. With a 3% markup, air ticket offices receive only $ 300 from the sale, and to cover the damage of $ 10,000, more than 30 more tickets will need to be sold. That is why experienced high-margin stores have more opportunities to "weaken" some filters, because with competent work, the income from the increased number of successful payments can reduce losses in case of fraud.
For a low-margin business, the losses will be more significant - in their case, in order to increase conversion, it would be better not to disable filters, but to switch them to notification mode. The notification mode will mark "suspicious" transactions and will allow the online store to make a decision on the admission or rejection of the payment in manual mode on its side. In the case of physical delivery of the goods, the courier, before handing over the goods, will be able to ask for an identity document and present the card with which the payment was made. Possible insurance options for your risks should always be discussed with the payment partner.
